North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: botnet reporting by AS - what about you?
- From: Rick Wesson
- Date: Fri Aug 12 17:34:10 2005
I'd personally love more reporting services that will actually disclose
information to the ISPs who can actually take action to help straighten
out their customers. We have far too many people who sit around wringing
their hands about how horrible the botnets are, but who won't tell anyone
who can do anything about it out of a paranoid sense of "security". I'm
not sure this is the best way to go about that though. :)
ok. I'm working on the following service and would like to know if there
is interest to participate. just drop a not off list if you want to play.
I've been producing daily reports for about 60 ASes in a report via
email. It is taking significant cycles to produce and I could only hand
another 60 or so networks. Since this won't scale for me I've decided to
do near real-time reports over jabber
the idea is to publish reports in the following style:
anti phishing reports go to the Domain Registrar and AS manager for
the IP space hosting the phish site.
botnets, virus infectors, open proxies etc the IP manager get
spamertisements, spam senders will notify the registrar
the reports are text, human readable RFC-822 style headers.
I should have the signup page done next week, i should publish it in
this notice but I'm just looking for feedback if doing the above is
something the community would participate in.
I'd like something that scales and what I've done thus far just won't scale.
comments (flames?) please.